security

New US Navy Tool Exposes Microsoft Teams Security Flaws – Tech.co


A Resolution Won’t Be Immediate

The issue that TeamsPhisher exploits was initially flagged last month by UK-based cybersecurity experts Jumpsec. Microsoft was made aware of it, but told Jumpsec researchers that it didn’t meet the bar for immediate servicing. 

Despite the ability for attackers to spread malware without being detected, Microsoft has stated that it considers the attacks to rely on social engineering to be successful. 

In a statement to BleepingComputer, Microsoft added “we encourage customers to practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers.”

So while a system repair may not be on the horizon right now, there are a few safety precautions organizations can take to protect from getting attacked: Creating an allow-list for trusted domains can help limit the risk, as can disabling communication with external tenants if they’re not explicitly needed.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.